CVE-2025-39746

EPSS 0.02%
Published 11.09.2025 16:52:19
Last modified 15.09.2025 15:22:38
Source 416baaa9-dc9f-4396-8d5f-8c081f
Teams watchlist Login
Open Login

In the Linux kernel, the following vulnerability has been resolved:

wifi: ath10k: shutdown driver when hardware is unreliable

In rare cases, ath10k may lose connection with the PCIe bus due to
some unknown reasons, which could further lead to system crashes during
resuming due to watchdog timeout:

ath10k_pci 0000:01:00.0: wmi command 20486 timeout, restarting hardware
ath10k_pci 0000:01:00.0: already restarting
ath10k_pci 0000:01:00.0: failed to stop WMI vdev 0: -11
ath10k_pci 0000:01:00.0: failed to stop vdev 0: -11
ieee80211 phy0: PM: **** DPM device timeout ****
Call Trace:
 panic+0x125/0x315
 dpm_watchdog_set+0x54/0x54
 dpm_watchdog_handler+0x57/0x57
 call_timer_fn+0x31/0x13c

At this point, all WMI commands will timeout and attempt to restart
device. So set a threshold for consecutive restart failures. If the
threshold is exceeded, consider the hardware is unreliable and all
ath10k operations should be skipped to avoid system crash.

fail_cont_count and pending_recovery are atomic variables, and
do not involve complex conditional logic. Therefore, even if recovery
check and reconfig complete are executed concurrently, the recovery
mechanism will not be broken.

Tested-on: QCA6174 hw3.2 PCI WLAN.RM.4.4.1-00288-QCARMSWPZ-1

Affected products Warnungen 0 Metrics 1 CWE 0 References 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

VendorLinux

≫

Product Linux

Default Statusunaffected

Version < 201c9b4485edc618863a60f97a2d88bddd139467

Version 5e3dd157d7e70f0e3cea3f2573ed69fb156a19d5

Status affected

Version < e36991bddf8be63e79659f654cdb1722db4e8132

Version 5e3dd157d7e70f0e3cea3f2573ed69fb156a19d5

Status affected

Version < 84ca5632b8d05d1c2e25604d1d63434b2fb61c85

Version 5e3dd157d7e70f0e3cea3f2573ed69fb156a19d5

Status affected

Version < c256a94d1b1b15109740306f7f2a7c2173e12072

Version 5e3dd157d7e70f0e3cea3f2573ed69fb156a19d5

Status affected

VendorLinux

≫

Product Linux

Default Statusaffected

Version 3.11

Status affected

Version < 3.11

Version 0

Status unaffected

Version <= 6.12.*

Version 6.12.43

Status unaffected

Version <= 6.15.*

Version 6.15.11

Status unaffected

Version <= 6.16.*

Version 6.16.2

Status unaffected

Version <= *

Version 6.17-rc1

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.02%	0.046

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string

https://git.kernel.org/stable/c/201c9b4485edc618863a60f97a2d88bddd139467

https://git.kernel.org/stable/c/e36991bddf8be63e79659f654cdb1722db4e8132

https://git.kernel.org/stable/c/84ca5632b8d05d1c2e25604d1d63434b2fb61c85

https://git.kernel.org/stable/c/c256a94d1b1b15109740306f7f2a7c2173e12072

https://nvd.nist.gov/vuln/detail/CVE-2025-39746

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-39746

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-39746

EUVD